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Application Filing Date : 
19980805 

Detail Description Paragraph : 

[0095] Output data of the interface 51 is sent to the receiver 53. Output data of 
the receiver 53 is sent to the message decoder 55. The message decoder 55 decrypts 
the common key Key 2 encrypted with the public key Key 1. Output data of the 
message decoder 55 is sent to the public key decrypting circuit 57. The public key 
decrypting circuit 57 decrypts the common key Key 2 with the public key Key 1 and 
the secret key received from the controller 59. 
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ABSTRACT: 

A user registers a user public key PKU as a pseudonym at a trustee or issuer and 
obtains an signature for the pseudonym as a license. Ttie sends the pseudonym, PKU 
identification information IdU and the amount of withdrawal x to the issuer 
institution. The issuer increments a balance counter of the pseudonym by x, then 
generates an issuer signature SKI (PKU, x) with a secret key SKI, and sends the 
issuer signature as an electronic cash to the user. The user verifies the validity 
of the issuer signature with a public key SKI, and if valid, increments an 
electronic cash balance counter Balance by x. At the time of payment, user sends 
the public key PKU and the license to a shop, and the shop verifies the validity of 
the license, and if valid, sends a challenge to the user. The user attaches a 
signature to the challenge with user secret key SKU, then sends it to the shop 
together with the amount due y, and decrements the electronic cash balance counter 
by y. 
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Application Filing Date : 
19981223 

Detail Description Paragraph : 

[0136] The electronic cash system according to this embodiment is identical in 
configuration with that depicted in FIG. 13. According to the above-described third 
embodiment intended to ensure the protection of user privacy from the bank 200, in 
either of the procedures for the registration of the user for use of electronic 
cash (FIG. 14) and for the issuance of electronic cash (that is, the withdrawal 
procedure) (FIG, 15), the user's generated common key K and public key PKU are 
encrypted using the issuer public key PKI and sent to the issuer equipment 100 via 
the bank equipment 200, and the issuer equipment 100 decrypts the common key K from 
the encrypted key K, and uses the decrypted common key K to encrypt the signature 
that is sent to the user equipment 300. This fourth embodiment is common to the 
third embodiment in that the user sends the common ky after encrypting it with the 
issuer public key PKI in the user registration procedure, but differs in that the 
issuer stores its decrypted user common key in the storage device in correspondence 
with the user so that when the user makes a request for the issuance of electronic 
cash, it can encrypt its public key PKU and the amount of money x with the common 
key K instead of using the issuer public key PKI. 
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Electronics, Information and Communication Engineers, pp. 105-123. 

Eiji Okamoto, "Introduction to Theory of Cryptography", Kyoritsu Shuppan, pp. SQ- 
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ART-UNIT: 2132 

PRIMARY-EXAMINER: Peeso; Thomas R. 

ATT Y-AGENT- FIRM: Finnegan, Henderson, Farabow, Garrett & Dunner, L.L.P. 



ABSTRACT : 

This invention discloses an information sending system for sending encrypted 
information which can be decrypted in units of parts of information. This 
information sending system includes information segmentation means for segmenting 
information into a plurality of blocks, first encryption means for encrypting more 
than one blocks of the plurality of blocks using a first key, second encryption 
means for encrypting more than one blocks of the blocks other than those encrypted 
by the first encryption means using a second key, and information sending means for 
sending outgoing information including the blocks encrypted by the first encryption 
means and those encrypted by the second encryption means. 

13 Claims, 15 Drawing figures 
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TITLE: Information sending system and method for sending encrypted information 

Application Filing Date (1) : 
19981005 

Detailed Description Text (44) : 

The packet (mail addressed to B) stored in the mail server 25 is audited by the 
administrator C. That is, the administrator C decrypts the key Kl encrypted by his 
or her public key Kpc using his or her private key Ksc to extract the key Kl. Note 
that the administrator C cannot extract the key K2. The administrator C decrypts 
only the blocks 4BC that can be decrypted by the extracted key Kl on the basis of 
the header information h and checks the contents (STll) . 

Detailed Description Text (46) : 

Upon receiving the mail, the receiver B decrypts and extracts the keys Kl and K2 
encrypted by his or her public key Kpb using his or her private key Ksb. The blocks 
4BC encrypted by the key Kl and blocks 4B encrypted by the key K2 are decrypted on 
the basis of the header information h. In this way, the receiver B can read all the 
pieces of information in the mail. 
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PUBN-DATE 
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ART-UNIT: 276 

PRIMARY-EXAMINER: Hayes; Gail O. 
ASSISTANT-EXAMINER: Song; Ho S. 
ATTY-AGENT-FIRM: Oliff & Bar ridge, PLC 

ABSTRACT : 

The present invention provides a signing apparatus used for signing by a user on 
usage information of a source provided in a format made available by the use of key 
information. The apparatus includes a unit for generating the usage information 
which is to be signed, a unit for performing a first confutation by utilizing the 
key information which has been encrypted and the usage information, a unit for 
performing a second computation by utilizing a user's private key and a result of 
the first computation. The apparatus further includes a unit for performing a third 
computation by utilizing a result of the second computation, and thereby generating 
the key information which has been decrypted and a result of the confutation 
performed on the usage information by utilizing the user's private key. The 
apparatus further includes a unit for making the source available by utilizing the 
.decr'YptedJkey_ info^n 



13 Claims, 4 Drawing figures 
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Application Filing Date (1) : 
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Detailed Description Text (9) : 

The secret Jcey storing unit 32 stores a secret key D which makes a pair with the _ 
\ public " key_, The^decryption unit 33 decrypts key information K.sup.eE encfypteci, bV 
the public~ keys and e by utilizing the secret key D, and generates data K.sup.e. 
The concatenation confutation unit 34 concatenates the data K.sup.e transmitted 
from the decryption unit 33 and a Hash value of the message by a predetermined 
computation and then transmits concatenated information to the authentication card 
23. In the concatenated information, the encrypted key information k.sup.e is 
inseparable from the Hash value and they cannot be separated even if the key d 
stored in the authentication card 23 is used. In the authentication card 23, the 
computation is performed on the concatenated information by utilizing the key d, 
and the result of computation is provided to the separation computation unit 35. 
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ABSTRACT : 

A video disk playback apparatus includes a disk driver which retrieves video data 
and a key data table from a digital video disk, and a decoder board which has its 
own ID. The disk driver receives the ID from the decoder board, verifies the ID, 
selects key data based on it, calculates a first datum from the selected key data, 
and sends the datum to the decoder board. The decoder board calculates a second 
datum from the key data and first datum, and returns the second datum to the disk 
driver. The disk driver verifies the second datum, produces an encryption key, 
encrypts the video data based on it, and feeds the encrypted video data to the 
decoder board. The decoder board calculates a decryption key from the first datum, 
decrypts the video data based on it, and decodes the decrypted video data for 
display. 

23 Claims, 13 Drawing figures 
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Application Filing Date (1) : 
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Detailed Description Text (62) : 

Namely, the encryption key decrypter 105 decrypts the encryption key Q from the 
encrypted x and y by using the private key n and public key p. 
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ABSTRACT : 

A system and method for providing security in data communication systems where 
multiple users are coupled to a common receiving system. The data is encrypted or 
otherwise encoded by a sender using a key. The encrypted data is then scrambled or 
otherwise encoded, and transmitted by the sender. The transmitted data is received 
at a receiver where it is descrambled or otherwise decoded. An authorized user 
decrypts or otherwise decodes the descrambled data using a key to retrieve clear 
data. The key itself is encrypted by the sender using an asymmetri c__ encryp tion 
algorithm, and is then transmitted by the sender ."The authorized user decrypts the 
encrypted key us ing the asym metric encryption algorithm, and uses the key to 
decrypt the enc^rypted datS^ — " " 

22 Claims, 8 Drawing figures 

Previous Doc Next Doc Go to Doc# 



http://westbrs: 9000/bin/gate.exe?^doc&state=k Ibtu 1 . 8. 8&ESNAME=FR0&p_Message=. . . 11/1 0/05 



First Hit Fwd Ref s 
End of Result Set 



L7: Entry 8 of 8 



File: USPT 



Feb 16, 1999 



DOCUMENT-IDENTIFIER: US 5872846 A 

TITLE: System and method for providing security in data communication systems 



Application Filing Date (1) 
19961107 



DATE ISSUED (1) : 
19990216 

Detailed Description Text (25) : X 

FIG, 8 illustrates the encryption scheme jz^ FIG, 7 incorporated in the present 
invention to provide a third level of s^urity and also a unique signature of the 
sender. Specifically, FIG. 8 includes/a sender 802, a key 804, a user's public key 
808, a sender's private key 812, a u6er 820, a user's private key 824, a sender's 
public key 828 and a decrypted ke^^32. The sender 802 encrypts or otherwise 
encodes the key 804 using both tjife user's public key 808 and the sender's private 
key 812. The encrypted key is t/ransmitted and is ultimately received by the user 
820. The user 820 decrypts th/ encrypted key using the sender's public key 828 and 
the user's private key 824. yfhe decrypted key 832 can then be used by the user 820 
to decrypt the encrypted d^ta of FIG. 3. 
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One Symmetric Key 623 are used for decrypting the watermarking instructions and the 
others for decrypting the Content 113 and any encrypted metadata. Since Content 113 
can represent a single song or an entire collect of songs on a CD, a different 
Symmetric Key 623 may be used for each song. The watermarking instructions are 
included within the Metadata SC(s) 620 portion in the Order SC(s) 650. The Content 
113 and encrypted metadata are in the Content SC(s) 630 at a Content Hosting Site 
(s) 111. The URL and part names of the encrypted Content 113 and metadata parts, 
within the Content SC(s) 630, are included in the Key Description part of the 
Metadata SC{s) 620 portion of the Order SC{s) 650. The Clearinghouse ( s ) 105 uses 
its private key to decrypt the Symmetric .Keys 623 and then encrypts each of them 
using the Public Key 661 of the End-User Device (s) 109. The Public Key 661 of the 
End-User Device (s) 109 is retrieved from the Order SC(s) 650. The new encrypted. 
Symmetric Keys 623 are included in the Key Description part of the License SC(s) 
660 that the Clearinghouse ( s ) 105 returns to the End-User Device (s) 109. 
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A digital content preparation system. that includes a metadata acquisition tool for 
acquiring metadata associated with the digital content, and a digital content 
processor for processing the digital content by performing at least one, of 
watermarking, encoding, and encrypting. A work flow manager manages processings by 
the metadata acquisition tool and the digital content processor. In one preferred 
embodiment, the metadata acquisition tool includes an automatic metadata 
acquisition tool and a manual metadata acquisition tool, and the digital content 
processor includes an encoder and an encrypter. The present invention also provides 
a method for preparing digital content. According to the method, metadata 
associated with the digital content is acquired, and the digital content is 
processed by at least one of watermarking, encoding, and encrypting. Processings in 
the acquiring step and the processing step are managed. In a preferred method, the 
acquiring step includes automatically retrieving at least a portion of the metadata 
and allowing manual entry of at least a portion of the metadata, and the processing 
step includes encoding the digital content and encrypting the encoded digital 
content. 

47 Claims, 21 Drawing figures 
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For decryption, the public key used for encryption and the secret key must 
correspond to each other. In this embodiment, therefore, the identification (ID) 
number of a program is employed to determine whether the public key and the secret 
key correspond. 
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ABSTRACT: 

The present invention is directed to a novel system and method for regulating a 
network service provider's ability to provide network services to a distributed 
application executing on a network connected computer, which is dependent upon 
whether the NSP possesses a valid permit. The permit is a data structure created by 
a vendor or distributor of a distributed application. The vendor can selectively 
issue a permit to the NSP {or NSPs) for which authorization is being granted. When 
the distributed application is being executed at a client computer, and the 
services of a particular NSP are requested, an application running at the client 
first requests that the NSP provide the client with a valid permit. If the permit 
is valid and authentic, and the identity of the NSP is confirmed, then the 
application executing at the client will permit the distributed application to 
utilize the network services of the selected NSP. 

21 Claims, 7 Drawing figures 
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ABSTRACT: 
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In the exemplary embodiment of FIG. 4, this NSP authentication information is 
submitted at program step 162 in the form of a "public certificate" that is owned 
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shown at 164 in FIG. 4. This certificate (designated at 142 in FIG. 3) is then 
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further detail below, it is this public key that is later used to confirm that the 
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